network connection to agent should be well secured by default